<?php
require_once('includes/config.php');
require_once('includes/classes/class.template_engine.php');
require_once('includes/functions/func.global.php');
require_once('includes/functions/func.users.php');
// Start (or resume) the PHP session; $_SESSION['user'] is read further down.
session_start();
// Pick the interface language for this request and keep it in $config for later use.
$config['lang'] = check_user_lang($config);
// NOTE(review): the language name is concatenated straight into an include path.
// check_user_lang() is not visible here; confirm it can only return names from a
// fixed allow-list (never a raw cookie/GET value), otherwise validate the name
// before building the path.
// The language file presumably defines the $lang array used by message() below.
require_once('includes/lang/lang_'.$config['lang'].'.php');

// Presumably opens the default connection that the bare mysql_* calls below rely on.
db_connect($config);
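// Email-change confirmation: handles the link that carries ?token=...&id=...&type=...
// ('provider' selects the providers table, any other type the buyers table).
// No login check guards this branch, so every request value is untrusted input.
//
// NOTE(review): the token is verified against md5() of the pending address, so it
// contains no secret and can be derived by anyone who knows that address. Moving to a
// random, single-use value stored server-side requires changing the code that issues
// the link (not in this file), so it is only flagged here.
if(isset($_GET['token']))
{
	// Accept plain strings only; missing or array-valued parameters become '' and
	// fail the checks below instead of raising notices.
	$token = is_string($_GET['token']) ? $_GET['token'] : '';
	$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
	$type = (isset($_GET['type']) && is_string($_GET['type'])) ? $_GET['type'] : '';

	// Resolve table and column names once so both account types share one code path.
	if($type === 'provider')
	{
		$account_table = $config['db']['pre'].'providers';
		$id_column = 'provider_id';
		$email_column = 'provider_email';
	}
	else
	{
		$account_table = $config['db']['pre'].'buyers';
		// The original UPDATE filtered buyers on provider_id, although the SELECT on
		// the same table keys on buyer_id; use buyer_id for both.
		$id_column = 'buyer_id';
		$email_column = 'buyer_email';
	}

	$safe_id = validate_input($id);
	$pending = mysql_query("SELECT newemail FROM ".$account_table." WHERE ".$id_column."='".$safe_id."' LIMIT 1");
	$email_info = $pending ? mysql_fetch_row($pending) : false;

	// Refuse the request when:
	//  - no matching account row exists,
	//  - newemail is empty, i.e. no change is pending (the UPDATE below resets it to '',
	//    so an empty value must never be confirmable), or
	//  - the token does not match. !== keeps this a plain string comparison; loose !=
	//    compares two numeric-looking strings as numbers.
	if(!isset($email_info[0]) || $email_info[0] === '' || $token !== md5($email_info[0]))
	{
		message($lang['ERROR_CHANGE_EMAIL'], $config,$lang, 'profile_edit.php');
		exit();
	}

	// The stored address is escaped again before reuse in SQL, and the id is quoted
	// exactly as in the SELECT; the original left the id unquoted in this statement.
	$updated = mysql_query("UPDATE `".$account_table."` SET `".$email_column."` = '".mysql_real_escape_string($email_info[0])."', newemail='' WHERE `".$id_column."` ='".$safe_id."' LIMIT 1 ;");
	if(!$updated)
	{
		// Do not report success when the address was not actually switched.
		message($lang['ERROR_CHANGE_EMAIL'], $config,$lang, 'profile_edit.php');
		exit();
	}
	message($lang['SUCESSFULL_CHANGE_EMAIL'], $config,$lang, 'manage.php');
	// Stop here so the request does not fall through into the change-request handler below.
	exit();
}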
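// Email-change request: a logged-in user submits the new address in $_POST['email'].
// After validation, the current and the new address are handed to
// send_email_change_email() (defined elsewhere; presumably stores the pending address
// and mails the confirmation link). Visitors without a session are sent to login.php.
//
// NOTE(review): no anti-CSRF token is checked here before acting on $_POST['email'];
// confirm whether the form or a shared include adds one.
if(checkloggedin())
{
	check_negative_balance($config);

	// Resolve table and column names once so both account types share one code path.
	if($_SESSION['user']['type'] == 'provider')
	{
		$account_type = 'provider';
		$account_table = $config['db']['pre'].'providers';
		$id_column = 'provider_id';
		$email_column = 'provider_email';
	}
	else
	{
		$account_type = 'buyer';
		$account_table = $config['db']['pre'].'buyers';
		$id_column = 'buyer_id';
		$email_column = 'buyer_email';
	}

	// A missing or array-valued field is treated as an empty (invalid) address.
	$email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

	$error = 0;
	// preg_match replaces the deprecated eregi(), which stops reading at a NUL byte and
	// therefore validated only the part of the input before it. The /D modifier makes $
	// match only at the very end, so a trailing newline is rejected too. The pattern
	// itself is unchanged (including the 2-4 letter limit on the last label).
	if(!preg_match('/^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$/iD', $email))
	{
		$error++;
	}
	else
	{
		// Only a well-formed address reaches the database: reject it if another
		// account of the same type already uses it.
		$taken = mysql_query("SELECT ".$id_column." FROM ".$account_table." WHERE ".$email_column."='".validate_input($email)."' LIMIT 1");
		$email_info = $taken ? mysql_fetch_row($taken) : false;
		if(isset($email_info[0]))
		{
			$error++;
		}
	}

	if($error > 0)
	{
		message($lang['ERROR_CHANGE_EMAIL'], $config,$lang, 'profile_edit.php');
		exit();
	}

	// Look up the address currently on file; the session id goes through the same
	// validate_input() helper as the other values placed into SQL in this file.
	$current = mysql_query("SELECT ".$email_column." FROM ".$account_table." WHERE ".$id_column."='".validate_input($_SESSION['user']['id'])."' LIMIT 1");
	$email_info = $current ? mysql_fetch_row($current) : false;
	if(!isset($email_info[0]))
	{
		// The session points at an account row that cannot be read; do not continue.
		message($lang['ERROR_CHANGE_EMAIL'], $config,$lang, 'profile_edit.php');
		exit();
	}
	$oldemail = $email_info[0];

	send_email_change_email($oldemail,$email,$account_type,$_SESSION['user']['id'],$config,$lang);
	message($lang['CONFIRM_CHANGE_EMAIL'], $config,$lang, 'manage.php');
	exit();
}
else
{
	// Not logged in: redirect to the login page and stop.
	header("Location: login.php");
	exit;
}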
?>